Collaborate Disseminate
Our team is closely monitoring TrickBot’s developing capabilities, including its new cross-channel attacks using the TrickMo component.
The post TrickBot Pushing a 2FA Bypass App to Bank Customers in Germany appeared first on Security Intelligence.
Continue reading TrickBot Pushing a 2FA Bypass App to Bank Customers in Germany
More than 50 Android apps on the Google Play Store—most of which were designed for kids and had racked up almost 1 million downloads between them—have been caught using a new trick to secretly click on ads without the knowledge of smartphone users.
D… Continue reading Dozens of Android Apps for Kids on Google Play Store Caught in Ad Fraud Scheme
An app that’s marketed as a solution to keep children safe online includes such aggressive functionality that cybersecurity researchers warn it’s possible for stalkers to monitor victims in a way that is “almost impossible to detect.” Researchers from Kaspersky Lab on Monday explained that the “MonitorMinor” app bypasses so many controls meant to protect user information that it qualifies as stalkerware. The term “Stalkerware” refers to a malicious class of software that quietly runs in the background on users’ phones, transmitting their location, messaging, and other data to outsiders. MonitorMinor, for instance, makes it possible for abusers to access victims’ social media information, SMS messages, and location. MonitorMinor essentially bypasses normal controls, such as Discretionary Access Control, meant to keep outsiders from accessing messaging app data by gaining root access to a mobile system, according to Victor Chebyshev, a researcher at Kaspersky. As a result, attackers can escalate their privileges to […]
The post ‘Rare’ stalkerware emerges with targets around the world appeared first on CyberScoop.
Continue reading ‘Rare’ stalkerware emerges with targets around the world
Human rights activists and journalists in Uzbekistan, whom researchers have long claimed are victims of intrusive surveillance, are facing an increasingly sophisticated campaign in Uzbekistan, according to new findings from Amnesty International. Last year, a Canadian non-profit, eQualitie, revealed that a group of unidentified attackers has targeted journalists and human rights defenders in Uzbekistan with spearphishing emails since 2016. In June, the attackers escalated their activity, and are now trying to leverage spyware against hundreds of targets, Amnesty said in research published Friday. The advanced espionage efforts highlight how the surveillance threat to vulnerable groups in Uzbekistan is “more sophisticated than previously documented, and able to bypass some security tools [human rights defenders] use to protect themselves[,]” according to the Amnesty International blog detailing the analysis. Human rights activists have been fighting against forced labor and torture in Uzbekistan’s criminal justice system, according to Human Rights Watch. Watchdog groups also have cited unfair criminal trials, and politically-motivated imprisonment in the country. Authorities typically claim they […]
The post Uzbekistan surveillance campaign leverages new spyware against human rights activists appeared first on CyberScoop.
A new simple but dangerous strain of Android malware has been found in the wild that steals users’ authentication cookies from the web browsing and other apps, including Chrome and Facebook, installed on the compromised devices.
Dubbed “Cookiethief” b… Continue reading Android Cookie-Stealing Malware Found Hijacking Facebook Accounts
Cookiethief steals cookies to infiltrate Facebook and other web service accounts. Continue reading Trojan Raids Android Users’ Cookie Jars
More than one billion Android devices are at risk of being hacked or infected by malware, because they are no longer supported by security updates and built-in protection. That’s the conclusion of an investigation by Which?, which found that at-r… Continue reading Over one billion Android devices at risk as they no longer receive security updates
Google has removed another eight apps from the Play Store after researchers determined hackers had been using the games and utility programs to spread malicious software. Users who downloaded the eight Android apps thought they were adding new features for their camera, or installing games meant for kids. In fact the apps, which had been downloaded some 50,000 times, either enrolled victims in expensive premium services without their consent, or installed the “Haken” malware, which siphons user data, researchers from Check Point Software Technologies said in a blog post Friday. The announcement came one day after BuzzFeed News reported that Google had scrubbed another 600 apps that had pushed out “disruptive” advertisements. It’s the latest in a long game of Whac-A-Mole between the security team overseeing the Play Store, and the scammers trying to exploit the app marketplace’s credibility to reach as many victims as possible. Yet the latest revelations […]
The post Google gives the boot to more malware-laden apps posing as games for kids appeared first on CyberScoop.
Continue reading Google gives the boot to more malware-laden apps posing as games for kids
Google has banned nearly 600 Android apps from the Play Store for bombarding users with disruptive ads and violating its advertising guidelines.
The company categorizes disruptive ads as “ads that are displayed to users in unexpected ways, including i… Continue reading Google Bans 600 Android Apps from Play Store for Serving Disruptive Ads
Watch out! If you have any of the below-mentioned file managers and photography apps installed on your Android phone—even if downloaded from the official Google Store store—you have been hacked and being tracked.
These newly detected malicious Androi… Continue reading 3 Google Play Store Apps Exploit Android Zero-Day Used by NSO Group